[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: I *think* I found the apache2 docs, but it's in .html and Icannot getfirefox to access it using "file:"+ /path/to/filedir

On Wed 22 Jun 2022, at 21:16, gene heskett <gheskett@shentel.net> wrote:
> On 6/22/22 10:45, Gareth Evans wrote:
> [and I sniped a few kilobytes of.]
>
> I think I've got it, but I did find what may be a bug in mod auth_plain.
>
> Its asking for a username and pw, but nothing seems to satisfy it

I didn't see you had replied before sending my previous message, please ignore.

Can't find anything about mod_auth_plain but if you mean mod_auth_basic this requires usernames/passwords to be set up, not looking at /etc/passwd

https://www.howtogeek.com/devops/how-to-setup-basic-http-authentication-on-apache/

This also has a link to setting up LetsEncrypt.

> , so
> I disabled it, no man page hat I can find, and now its showing me
> the directory I want as the root of this server, with one subdir
> I can click on, and the first file I put there.
>
> However I need to compose an explanatory README to go with it as
> I had to invent my own method of installing it on a u-booting rpi.  Its a
> preempt-rt kernel needed to run the armhf version of linuxcnc from
> the buildbot. I run the bleeding edge development version on all 4
> of my machines I've built or rebuilt. I play the part of the caged
> canary in the coal mine, checking for showstoppers as development
> is ongoing and has been since the net arrived. Its a NIST project, re-
> done in gpl and was once on the no export list. See at linuxcnc.org.
>
> So the plain text version is working and you should be able to see it at
> <http:6309/geneslinuxbox.net> (or something like that)

Yes.

>
> That file in the armhf subdir is just under 30 megabytes, so if paying
> for the bandwidth, don't click on it.
>
> Making progress, I think, Thanks Gareth.
>
> However, if there is a way to implement a OTP so I can keep track of the 
> users,
> I could use some help with that as long as I don't setup a universal pw 
> the bots
> can use. What I'd like is a true OTP with a 2 week lifetime.  Can that 
> be done?

I see there are various offerings (web search for "apache otp") but there doesn't seem to be an official offering.

I would imagine just using a password would keep the bots away.  Are they that determined?

Best wishes,
Gareth

>
> Take care and stay well.
>
> Cheers, Gene Heskett.
> -- 
> "There are four boxes to be used in defense of liberty:
>   soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author, 1940)
> If we desire respect for the law, we must first make the law respectable.
>   - Louis D. Brandeis
Reply to: